copy sky digital card
Dealing With Computer Abuse Without Digging Bigger Holes!
When faced with staff accused of abusing computer systems, have you got adequate procedures for collecting, preserving and presenting the evidence?
It’s a fairly safe bet that, in the past, you will have had to take action against someone accused of a breach of company policy with respect to their use of the organisations computer systems. There are two idioms that every corporate security officer lives by: “A backup is only as good as the last restore” and “Prevention is better than cure”. In a perfect world there would be no computer failures, no lost data and certainly no abuse of computer systems. Unfortunately, we don’t live in a perfect world and we have to face the very real prospect that corporate computer systems are woefully vulnerable to misuse and abuse.
“Computer abuse” is a phrase covering a multitude of sins, quite literally, from games playing to fraud, hacking and virus writing through inappropriate downloads and internet activity. The detection of such abuse falls squarely on the shoulders of the audit and security departments of any organisation, supported by adequate policy and procedures.
So, what exactly is “forensic auditing”? There are really two main components of the function, audit and computer forensics, which have the following primary aims:
- Detection of potential abuse
- Protection of the proof
- Adducing qualified evidence
- Presentation of the evidence
It may sound trite but in order to detect abuse within computer systems you must be looking for the right things. This where the audit role comes in. By using appropriate audit tools combined with a strategy to suit the organisation which is backed by well designed policy and procedures, it is remarkable easy to spot abuse of all kinds simply by viewing the audit data in the right way.
Most organisations fail to reap the true benefits of PC audit simply because they are focussed on the two gods of “asset management” and “corporate compliance”. Using the right tools, the process of audit can reveal much more about an organisation than that. For example, while performing a PC audit it is possible to collect the contents of the internet browser cache found on all internet ready machines. Using one of the many cache browsers available, it is then a simple task to review the copied data to establish potential transgressions of corporate internet policy.
One such audit on 2000 computers took place with a view to establishing the presence of any “undesirable” image files. The results were shocking. Over 210,000 images were found, of which approximately 25% were questionable. Existing audit data was used, that had been collected during a licence compliance audit and the whole analysis added just 4 man days to the audit project.
From the clients perspective, this was a cost exercise but one which was extremely valuable. In fact, not only image files found, but also a range of undesirable software including copies of PGP (Pretty Good Privacy) where it was not appropriate for encryption to be used, mobile phone cloning software, Sky card cracking software and much, much more!
What was even more surprising was the fact that not only did the above organisation have a reasonable security policy and working set of procedures in place but they also believed that had things under control.
While the above case serves to illustrate the “hidden” power and value of audit data, it also begs the question of what action to take if (or when) you are faced with the knowledge that there is serious abuse within your systems. This is where the forensics part of forensic auditing comes in.
About the Author
Elizabeth Sheldon is a director of Evidence Talks, One of the most highly regarded computer forensics consultancies in the UK, Evidence Talks lead the way with unique solutions to some of the problems faced by industry today. More information visit- evidencetalks.com
|
|
Superman Ultimate Collector’s Edition (Superman – The Movie/ Superman II/ Superman II – The Richard Donner Cut/ Superman III/ Superman IV – The Quest for Peace/ Superman Returns) $32.98 New. Complete Superman Set Remastered. Relive the experience in dvd quality!… |
|
|
Elder Scrolls V: Skyrim $45.00 The Elder Scrolls V: Skyrim is the next installment in the award-winning Elder Scrolls series. Skyrim is the follow up to the 2006 Game of the Year, The Elder Scrolls IV: Oblivion and the next game from Bethesda Game Studios, creators of the 2008 Game of the Year, Fallout 3…. |
|
|
Skies of Arcadia : Legends $49.99 Grab the wheel of your airship and prepare to embark on an adventure of legendary proportions. You are Vyse, a young member of the Blue Rogue pirates. Together with your childhood friend Aika and a mysterious girl named Fina, you are locked in an epic struggle with a powerful enemy nation for the fate of the world. You must gather your own crew of air pirates and journey through uncharted skies to… |
|
|
EverQuest II: Destiny of Velious $22.00 Following the events of Sentinel’s Fate, the twin Swords of Destiny, Soulfire and the Qeynos Claymore, have been drained of their powers, setting the stage for the destruction of the EverQuest universe. The prophecy known as Age’s End begins to unfold in the legendary continent of Velious and it is here where the war for Norrath will arise. For there to be any chance to save Norrath, the Swords o… |
